Protiva strong authentication service provides real cost savings while increasing the level of access security to your data. These costs savings can be realized by:
Reduced number of helpdesk calls for simple password reset.
No OTP device stock required to be stored, tracked and maintained
No CAPEX for authentication server(s)
Benefits of Strong Authentication Service
The number of attacks on company network increases every year with more sophisticated and persistent efforts to bypass security measures. All companies should be concerned with this evolving threat and implement proactive security measures to strenghen their security posture. Protiva Strong Authentication Service delivers stronger access controls which provides the protection needed to secure your business.
Key benefits include:
Complete authentication and device management
Complete on boarding and device fulfillment (hardware device or mobile app)
Web based portal for device management
Custom webstore for direct end user ordering and device fulfillment
Easy to deploy - no network or infrastructure changes
Service Elements
Protiva Strong AUthentication Service includes the following elements:
Complete OTP Credential Fullfillment - Gemalto provides all aspects of the OTP credential fulfillment process. This includes processing the end user order (and payment if needed), packaging the hardware token, shipping direct to end user or to corporate distribution point, provisioning of the OTP seed to the authentication server, and providing tracking information of the shipment.
For Mobile OTP app, Gemalto provides a portal for users to be redirected to the appropriate download site based upon the type of smartphone being used (e.g., Apple App Store for iPhones).
Complete Authentication Management - Once the device is provisioned and the user activates the OTP credential, authentication resources will be ready for the future access attempts. Once the user attempts to access and area of the network which requires strong authentication, the Gemalto agent on the RADIUS server will redirect the user to authenticate using their username and numeric code generated by the OTP device. Once verified the user will be granted access to appropriate resources.
Web API for flexible integration - Full web browser capabilities to easily integrat with existing web serivces and application architechture.
SAML 2.0 Federation - Full support for strong authentication to Google App via SAML 2.0 Federation.
Easy On Boarding - SA Server can easily be synced with leading identity store technology. This provides a simple process for provisioning and OTP seed and linking the device to the user's identity profile.
Easy Billing and Licensing Models - Gemalto provides several billing and licensing models to meet your business needs. As part of the intial service definition, these options will be reviewed to see which option is best for your specific business. One key element of Gemalto's licensing model is license reuse within the licensed period of time. For example, any OTP credential licensed for three years would remain viable even if it were given to another user or changed to a new device in the case of the mobile app.
Custom Webstore - Gemalto provides a simple way for users to request and in some cases pay for their OTP credential. The webstore can be generic or customized to maintain company brand. The level of customization will determine the cost of design service.
Hosting facility
Gemalto provides two options for hosting authentication services. All are SAS 70 secure facilities and each customer has their own instance of SA Server running in a secure domain. Based upon security requirements, the two hosting options are:
IaaS Provider - Gemalto will work an IaaS (Infrastructure-as-a-Service) vendor (e.g., Amazon Web Services) to deploy SA Server. This economically efficient model leverages the availability and scalability of computing resources provided by IaaS vendors and provides the flexibility to select your IaaS vendor of choice. Gemalto recommended list of IaaS providers are all SAS 70 certified, providing a good solution to secure access from remote workers needing access to email.
Premier Datacenter - Gemalto will provide an instance of SA server within a premier datacenter resource and location. The premier datacenter option leverages Gemalto's vast experience working with financial institutions requiring the secure handling of account holder information. With multiple certifications, including Visa and MasterCard, this facility has the latest physical and logical security measures in place. This option best serves companies requiring the ability to pinpoint the exact resource where their data is being stored for audit, regulatory requirements or internal company policy.
> Smart
Increase security and access control to your data
Reduce cost through hosted service
> Secure
Industry leading strong authentication solutions to meet your business needs